And the compile command is: gcc -fstack-protector -z execstack -o f f.c
So basically my problem is the reordering variable that place &p and &a above their buffer so that I cannot overwrite p's address by sending a large buffer. How I could bypass this?

1 Answer
1

If the variables have been reordered so that p comes before a[30] in memory, and your only attack option is to overwrite p by overflowing the buffer in a, you cannot do it.

(At least not sensibly. You could try for an arithmetic overflow in strcpy() by passing in a 4GB string, but it's virtually certain you'd clobber something important before you wrapped around far enough to overwrite p.)